Updated Implementation Considerations to consider
Mon, 10 Sep 2012 18:59:54 -0700
changeset 6 5606233e4ede
parent 5 b60afa40a19e
child 7 4076f83eb939
Updated Implementation Considerations to consider
priority of constituencies and proper operation
in the presence of user-installed extensions or
when using assistive technologies.
--- a/user-interface-safety.html	Mon Sep 10 17:04:05 2012 -0700
+++ b/user-interface-safety.html	Mon Sep 10 18:59:54 2012 -0700
@@ -820,6 +820,19 @@
 <h2>Implementation Considerations</h2>
+<p>The policy and intent of the user always takes precedence over the policy
+of resources.  In particular, transformations, customizations or enhancements
+of visual content made by the user agent or user-installed plugins SHOULD NOT cause the
+<code>input-protection</code> heuristic to be triggered.</p>
+<p>The use of assistive technologies (such as screen magnifiers
+or color and contrast modifications to the display) MUST NOT cause 
+the <code>input-protection</code> heuristic to be triggered. User
+agents that implement portions of that heuristic using 
+operating system functionality may need to detect the use of
+such technologies and explicitly disable enforcement of this
 <p>Many UI Redressing and Clickjacking attacks rely on exploiting specific features of user agents, such as repositioning of the browsing window, hiding or creating fake cursors, and script-driven scrolling and content repositioning.  Not all attacks apply to all user agents in all contexts.  User agents are free to optimize or not implement suggested heuristics when they do not apply, for example:
 	<li>Cursor integrity in a touch-only environment</li>
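Review bot: the second added paragraph is truncated and unclosed; the sentence "User agents that implement portions of that heuristic using operating system functionality may need to detect the use of such technologies and explicitly disable enforcement of this" breaks off at "this" with no object and no closing `</p>`, and the next line is the pre-existing `<p>Many UI Redressing and Clickjacking attacks...` paragraph, so the document is malformed as well as incomplete. Finish the sentence (presumably "...enforcement of this heuristic while they are active.</p>") and, since the paragraph now asks user agents to detect assistive technologies, add a sentence that this detection is for the user agent's own use and its result is not to be exposed to the resource, as it would otherwise reveal the user's use of accessibility tools. Also reconcile the wording with the commit message: the message says "user-installed extensions", the text says "user-installed plugins"; pick one, since those are distinct concepts in most user agents. Finally, confirm the mixed requirement levels are intentional: user-agent and plugin transformations only "SHOULD NOT" trigger the heuristic while assistive technologies "MUST NOT", which is fine if deliberate but reads like an oversight given the first sentence states that user intent always takes precedence.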
@@ -849,6 +862,19 @@
 calculate the user's view for the <strong>obstruction check</strong> phase of
 the heuristic.</p>
+<p>While this document describes a mechansim for resource authors to opt-in to 
+User Interface Safety protections, user agents MAY choose to opt-in all resources
+to <code>input-protection</code> by default, or provide users with an option
+to enable such protections for all resources.</p>
+<p>In support of enabling default protection, user agents MAY, with appropriate
+user consent and privacy protections, gather large-scale data on when the
+heuristic would have been triggered, if it had been abled, for various values
+of the configurable hint parameters.  Such data would allow the user agent to
+determine what default settings can provide broad protection with an acceptable
+rate of false positives, and perhaps to build a compatibility opt-out list of
+sites or resources to further reduce the false positive rate.</p>
 <h2>Implementation Considerations for Resource Authors</h2>
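Review bot: two typos in this hunk: "mechansim" should be "mechanism" in the first added paragraph, and "if it had been abled" should be "if it had been enabled" in the second. On substance, the first paragraph allows a user agent to opt all resources into `input-protection` by default, but the hint parameters are configurable by the resource author and a resource that never opted in supplies none of them; state which values the user agent applies in that case (this is exactly what the second paragraph's data collection is meant to determine, so a forward reference to it would suffice). In the second paragraph, consider saying explicitly that the gathered data is about when the heuristic would have fired and must not include the content of the resource or of the user's input, since "with appropriate user consent and privacy protections" is currently the only guidance.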